From f0ee6f1257e4696f902a16505cf88bf97e89c451 Mon Sep 17 00:00:00 2001 From: Seth Schoen Date: Sun, 10 May 2015 09:18:55 -0700 Subject: [PATCH] Make saving files, recording configurator names work --- letsencrypt/client/cli.py | 3 ++- letsencrypt/client/client.py | 19 +++++++++---------- letsencrypt/client/renewer.py | 10 +++++++--- 3 files changed, 18 insertions(+), 14 deletions(-) diff --git a/letsencrypt/client/cli.py b/letsencrypt/client/cli.py index 309ab4ce6..904cdce68 100644 --- a/letsencrypt/client/cli.py +++ b/letsencrypt/client/cli.py @@ -98,7 +98,8 @@ def run(args, config, plugins): return "Configurator could not be determined" acme, doms = _common_run(args, config, acc, authenticator, installer) - lineage = acme.obtain_and_enroll_certificate(doms) + lineage = acme.obtain_and_enroll_certificate(doms, authenticator, + installer) # TODO: Decide whether to enroll or not from config/policy acme.deploy_certificate(doms, lineage) acme.enhance_config(doms, args.redirect) diff --git a/letsencrypt/client/client.py b/letsencrypt/client/client.py index 67e639e5d..e9134fffd 100644 --- a/letsencrypt/client/client.py +++ b/letsencrypt/client/client.py @@ -107,16 +107,12 @@ class Client(object): :param set domains: domains to get a certificate - :param bool renewal: whether this request is a renewal (which avoids - attempting to enroll the resulting certificate in the renewal - database) - :param csr: CSR must contain requested domains, the key used to generate this CSR can be different than self.authkey :type csr: :class:`CSR` - :returns: cert_key, cert_path, chain_path - :rtype: `tuple` of (:class:`letsencrypt.client.le_util.Key`, str, str) + :returns: cert_pem, cert_pem, chain_pem + :rtype: `tuple` of (str, str, str) """ if self.auth_handler is None: @@ -157,13 +153,16 @@ class Client(object): return cert_pem, cert_key.pem, chain_pem - def obtain_and_enroll_certificate(self, domains, csr=None): + def obtain_and_enroll_certificate(self, domains, authenticator, installer, + csr=None): cert_pem, privkey, chain_pem = self._obtain_certificate(domains, csr) + # TODO: Add IPlugin.name or use PluginsFactory.find_init instead + # of assuming that each plugin has a .name attribute + self.config.namespace.authenticator = authenticator.name + self.config.namespace.installer = installer.name return renewer.RenewableCert.new_lineage(domains[0], cert_pem, - privkey, chain_pem, None, + privkey, chain_pem, vars(self.config.namespace)) - # XXX: self.account.key.file is totally wrong here, that's - # the account key and not the cert key! def obtain_certificate(self, domains): return self._obtain_certificate(domains, None) diff --git a/letsencrypt/client/renewer.py b/letsencrypt/client/renewer.py index 2ecd603b9..41ec37834 100644 --- a/letsencrypt/client/renewer.py +++ b/letsencrypt/client/renewer.py @@ -323,7 +323,7 @@ class RenewableCert(object): # pylint: disable=too-many-instance-attributes return False @classmethod - def new_lineage(cls, lineagename, cert, privkey, chain, configurator=None, + def new_lineage(cls, lineagename, cert, privkey, chain, renewalparams=None, config=DEFAULTS): # pylint: disable=too-many-locals """Create a new certificate lineage with the (suggested) lineage name @@ -336,6 +336,7 @@ class RenewableCert(object): # pylint: disable=too-many-instance-attributes Returns a new RenewableCert object referring to the created lineage. (The actual lineage name, as well as all the relevant file paths, will be available within this object.)""" + print config configs_dir = config["renewal_configs_dir"] archive_dir = config["official_archive_dir"] live_dir = config["live_dir"] @@ -385,8 +386,11 @@ class RenewableCert(object): # pylint: disable=too-many-instance-attributes new_config["privkey"] = privkey_target new_config["chain"] = chain_target new_config["fullchain"] = fullchain_target - if configurator: new_config["configurator"] = configurator - if renewalparams: new_config["renewalparams"] = renewalparams + if renewalparams: + new_config["renewalparams"] = renewalparams + new_config.comments["renewalparams"] = ["", + "Options and defaults used" + " in the renewal process"] # TODO: add human-readable comments explaining other available # parameters new_config.write()